Adjust License Diff to account for License Category #71
Comments
You may want to break this up into small tickets if needed. |
@MaJuRG @DennisClark I'm looking for several large codebases to test my license-change detection work and thought the recent Facebook change to its React licensing might be useful. Testing
|
@jmhoran once again, scancode is “ahead of” dejacode. Please create a new license request in DejaCode. |
@DennisClark Is that done by opening a new issue and assigning the label |
@johnmhoran that license may not be in DejaCode, or if it is, it is under a slightly different name. As far as single projects that change from permissive to copyleft, I do not know many off the top of my head. You may have to craft these specific examples. |
@MaJuRG Thanks -- will do. And thanks as well re how to create a license request. |
@MaJuRG I'm in DejaCode -- is the license request submitted through the |
No, go here: https://enterprise.dejacode.com/requests/ |
Thanks @MaJuRG -- request submitted. |
@MaJuRG In one of your three examples above, What do you think? |
FYI, I'm currently treating the following as comprising the categories of particular interest from among the license categories in DejaCode:
The remaining two categories are 'Permissive' and 'Public Domain'. I'm interpreting 'copyleft limited or higher' as including all of the notable categories, and 'proprietary/commercial' as meaning 'Commercial' and 'Proprietary Free'. Let me know if this is not consistent with your intent. |
Yes, we should treat permissive and public domain the same. We should "point out" (increase the score) all other cases. |
Thanks @MaJuRG . |
@MaJuRG Do we want to increase the score for each problematic license category that is added (e.g., one incremented score for 'Copyleft', no matter how many different licenses of this category are added), or increment for each unique license of a problematic category (e.g., 'gpl-2.0' and 'gpl-1.0-plus' ==> two score increments)? Thus far I've been taking the former approach. |
Your way is correct. |
👍 |
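The scoring rule agreed in the comments above (one increment per added non-permissive category, not one per license), sketched as an added example. This is not DeltaCode's own code: the function names, the dict layout, the increment value of 10 and the sample license data are assumptions made for illustration.

```python
# Added illustration; not DeltaCode source. All names here are hypothetical.

# 'Permissive' and 'Public Domain' are treated alike and never raise the score.
BASELINE_CATEGORIES = {"Permissive", "Public Domain"}
CATEGORY_INCREMENT = 10  # assumed value; the thread does not state one


def _categories(licenses):
    """Set of categories for a file's licenses; entries without one are skipped (assumption)."""
    return {lic["category"] for lic in licenses if lic.get("category")}


def added_notable_categories(old_licenses, new_licenses):
    """Categories outside the baseline that appear in the new file but not the old.

    Assumption: a category counts as 'added' only when the old file had no
    license of that category at all.
    """
    return (_categories(new_licenses) - _categories(old_licenses)) - BASELINE_CATEGORIES


def category_score(old_licenses, new_licenses, base_score=0):
    """Approach confirmed in the thread: one increment per added category."""
    added = added_notable_categories(old_licenses, new_licenses)
    return base_score + CATEGORY_INCREMENT * len(added)


def per_license_score(old_licenses, new_licenses, base_score=0):
    """Alternative raised in the thread: one increment per added license key."""
    old_keys = {lic["key"] for lic in old_licenses}
    added = [lic for lic in new_licenses
             if lic["key"] not in old_keys
             and lic.get("category") not in BASELINE_CATEGORIES | {None}]
    return base_score + CATEGORY_INCREMENT * len({lic["key"] for lic in added})


# Constructed sample data: one file before and after a change.
OLD = [{"key": "mit", "category": "Permissive"}]
NEW = [
    {"key": "mit", "category": "Permissive"},
    {"key": "gpl-2.0", "category": "Copyleft"},
    {"key": "gpl-1.0-plus", "category": "Copyleft"},
    {"key": "example-proprietary-free", "category": "Proprietary Free"},  # placeholder key
]

if __name__ == "__main__":
    print(sorted(added_notable_categories(OLD, NEW)))
    print(category_score(OLD, NEW), per_license_score(OLD, NEW))
```

With this sample, the two Copyleft licenses count once under the per-category rule and twice under the per-license alternative.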
@MaJuRG I'm about to push a commit for your vetting -- more tests to follow. |
* Modify DeltaCode.license_diff() to detect and identify the addition of certain categories of licenses.
* Refactor scoring structure and methods to discard use of score for delta identification.
* Modify sorting of delta results: by score descending, then alphabetically ascending.
* Modify utils.deltas() to adjust to refactored scoring structure.
* Add File.licenses_is_empty() and File.copyrights_is_empty() methods.
* Add Delta.is_modified() and Delta.is_unmodified() methods.
* Fix failing tests, add tests.

Signed-off-by: John M. Horan <johnmhoran@gmail.com>
@MaJuRG Push coming shortly. I've been able to substantially simplify the category-change detection while retaining all three of our new rules, i.e., incrementing
For clarity, I've also added comments in the code indicating where each of these rules is implemented. |
* Clarify Delta sorting.
* Simplify set creation.
* Simplify implementation of category-change detection.
* Rename methods.
* Fix failing tests, add new test codebases and tests.

Signed-off-by: John M. Horan <johnmhoran@gmail.com>

* Stop sorting in category-change process, and modify related tests to compare lists that may have dissimilar ordering.
* Remove rule: anything ==> 'Proprietary Free' or 'Commercial'.

Signed-off-by: John M. Horan <johnmhoran@gmail.com>
merged #86, closing |
Replace packaging with packvers in src/scripts
Auditors care more about Copyleft and Proprietary licenses showing up in a codebase. We need to adjust our scoring so that more emphasis is given to:
There are probably other combinations here as well.